Agent improvements:
- Add reqwest dependency for HTTP latency testing
- Implement measure_site_latency() function for nginx sites
- Add latency_ms field to ServiceData structure
- Measure response times for nginx sites using HEAD requests
- Handle connection failures gracefully with 5-second timeout
- Use HTTPS for external sites, HTTP for localhost
Dashboard improvements:
- Add latency_ms field to ServiceInfo structure
- Display latency for nginx sites: "docker.cmtec.se 134ms"
- Only show latency for nginx sub-services, not other services
- Change disk usage "0" to "<1MB" for better readability
The Services widget now shows:
- Nginx sites with response times when measurable
- Cleaner disk usage formatting for small values
- Improved user experience with meaningful latency data
Agent improvements:
- Add get_logged_in_users() function to SystemCollector using 'who' command
- Collect unique, sorted list of currently logged-in users
- Include logged_in_users field in system metrics JSON output
- Change C-state formatting to show 2 states per row instead of 4
Dashboard improvements:
- Update Backups widget to show "Archives: XX, ..." format
- System widget ready to display logged-in users with proper formatting
The System widget will now show:
- C-states formatted as 2 per row for better readability
- Logged-in users displayed as "Logged in: user" or "Logged in: X users (user1, user2)"
Services widget:
- Fix disk quota formatting with proper rounding instead of truncation
- Remove decimals from RAM quotas and use GB instead of G
- Change quota display to use GB consistently
Backups widget:
- Change GiB to GB for consistency
- Remove spaces between numbers and units
- Update disk usage format to match other widgets: used (totalGB)
- Remove percentage display for cleaner format
System widget:
- Add support for logged-in users in description lines
- Format C-states with "C-State:" prefix on first line, indent subsequent lines
- Add logged_in_users field to SystemSummary data structure
Documentation:
- Add example hash error output to NixOS update instructions
Services widget:
- Remove SB (sandbox) column and related formatting function
- Fix quota formatting to show decimals when needed (1.5G not 1G)
- Remove spaces in unit display (128MB not 128 MB)
Storage widget:
- Change usage format to 23GB (932GB) for better readability
Documentation:
- Add NixOS configuration update process to CLAUDE.md
- Update column headers to be more concise: RAM (GB) → RAM, CPU (%) → CPU, Disk (GB) → Disk
- Change sandbox column "no(ok)" to "-" for excluded services
- Implement smart unit formatting for memory and disk values (kB/MB/GB)
- Display quotas as (XG) format without decimals when limits exist
- Add format_bytes() helper for consistent unit display across metrics
Implement exclusion list for services that don't require sandboxing due
to their nature (SSH, Docker, system services). These services now show
"no(ok)" in SB column and maintain green status instead of warning.
Changes:
- Add is_sandbox_excluded field to ServiceData and ServiceInfo structs
- Add is_sandbox_excluded() method with system service exclusions:
- sshd/ssh (needs system access for auth/shell)
- docker (needs broad system access)
- systemd services, dbus, NetworkManager, etc.
- Update status determination to accept excluded services as ok
- Update format_sandbox_value to show "no(ok)" for excluded services
- Update all ServiceData constructors with exclusion field
Service status logic:
- Sandboxed: Status=Running, SB="yes"
- Excluded: Status=Running, SB="no(ok)"
- Should be sandboxed but isn't: Status=Degraded, SB="no"
This provides clear distinction between services that legitimately don't
need sandboxing vs. those requiring security attention.
Add new "SB" column to services widget showing systemd sandboxing status.
Service status now reflects security posture with unsandboxed services
showing as degraded/warning status.
Changes:
- Add is_sandboxed field to ServiceData and ServiceInfo structs
- Add check_service_sandbox method detecting systemd hardening features
- Add format_sandbox_value function showing "yes"/"no" for sandboxing
- Update service status determination to consider sandbox status:
- Sandboxed + Running = "Running" (green/ok)
- Unsandboxed + Running = "Degraded" (yellow/warning)
- Failed services = "Stopped" (red/critical)
- Add "SB" column header to services widget
Services without proper NixOS hardening (PrivateTmp, ProtectSystem, etc.)
now show warning status to highlight security concerns.
Replace misleading system total quotas with actual service-specific
quota detection. Services now only show quotas when real limits exist.
Changes:
- Add get_service_disk_quota method with filesystem quota detection
- Add check_filesystem_quota and docker storage quota helpers
- Remove automatic assignment of system totals as fake quotas
- Update dashboard formatting to show usage only when no quota exists
Display behavior:
- Services with real limits: "2.1/8.0" (usage/quota)
- Services without limits: "2.1" (usage only)
This provides accurate monitoring instead of misleading system capacity
values that suggested all services had massive quotas.
Standardize all services widget columns to show units in headers
and remove units from metric values for cleaner display.
Changes:
- Update column headers: "RAM (GB)", "CPU (%)", "Disk (GB)"
- Remove units from metric values:
- RAM: "5.2/32.0" (no GB)
- CPU: "2.5" (no %)
- Disk: "1.5/500.0" (no GB)
- Simplify disk formatting to always show GB format
All columns now consistently display units in headers with
clean, uncluttered metric values.
Improve services widget to show consistent usage/total format for both
RAM and Disk columns, using system totals when no service quotas exist.
Changes:
- Change column header from "Memory (GB)" to "RAM (GB)"
- Remove "GB" units from memory values (units now in header)
- Add system memory total detection from /proc/meminfo
- Use system memory total as default quota for services without limits
- Services now show "5.2/32.0" format for both RAM and disk
Both RAM and Disk columns now consistently display usage/quota format
where quota is either service-specific limit or system total capacity.
Implement disk quota/total display in services widget showing usage/quota
format. When services don't have specific disk quotas configured, use
system total disk capacity as the quota value.
Changes:
- Add disk_quota_gb field to ServiceData struct in agent
- Add disk_quota_gb field to ServiceInfo struct in dashboard
- Update format_disk_value to show usage/quota format
- Use system disk total capacity as default quota for services
- Rename DiskUsage.total_gb to total_capacity_gb for clarity
Services will now display disk usage as "5.2/500.0 GB" format where
500.0 GB is either the service's specific quota or system total capacity.
Temporarily disable excessive connection monitoring in ServiceCollector
to test impact on CPU load and C-states. Keep nginx sites and docker
containers as they are needed for sub-service display functionality.
Disabled monitoring:
- SSH connections (ss commands)
- Database connections (PostgreSQL, MySQL, Redis)
- Web service connections (Apache, Gitea, Immich, etc.)
- Network service connections (Mosquitto, UniFi, etc.)
This eliminates most external command calls while preserving essential
nginx and docker sub-service enumeration.
- Add DEFAULT_HOSTS constant in config.rs for centralized host management
- Update ZMQ endpoint generation to connect to all configured hosts
- Implement graceful connection handling for unreachable endpoints
- Dashboard now auto-discovers and connects to available agents on cmbox, labbox, simonbox, steambox, srv01
- Fix systemctl, du, df, uptime, ss, journalctl commands
- Add sudo for du command (needed for directory access)
- This should resolve all remaining command path issues in the service
- Storage, backup, and system monitoring should now work properly
- Use full path /run/current-system/sw/bin/ss for SSH connection counting
- Re-enable nginx site accessibility checking with full curl path
- This should show SSH connection counts and verify which nginx sites are accessible
- Shows all parsed nginx sites instead of filtering by accessibility
- This ensures nginx sites are displayed in dashboard immediately
- Accessibility check was filtering out sites due to curl issues or timeouts
- Change nginx command from 'nginx' to '/run/current-system/sw/bin/nginx'
- Change psql command from 'psql' to '/run/current-system/sw/bin/psql'
- This ensures sudo rules can properly match the commands with full paths
Improve parsing of nginx config path from systemd ExecStart to handle
both traditional format and NixOS argv[] format. This should fix nginx
sites not being detected when running as a systemd service.
- Storage widget: Restructure with Name/Temp/Wear/Usage columns, SMART details as descriptions
- Host navigation: Only cycle through connected hosts, no disconnected hosts
- Auto-discovery: Skip config files, use predefined CMTEC host list
- Maintenance mode: Suppress notifications during backup via /tmp/cm-maintenance file
- CPU thresholds: Update to warning ≥9.0, critical ≥10.0 for production use
- Agent-dashboard separation: Agent provides descriptions, dashboard displays only
- Rename alerts widget to hosts widget for clarity
- Add sub_service field to ServiceInfo for display differentiation
- Integrate system metrics (CPU load, memory, temperature, disk) as service rows
- Convert nginx sites to individual sub-service rows with tree structure
- Remove nginx site checkmarks - status now shown via row indicators
- Update dashboard layout to display system and service data together
- Maintain description lines for connection counts and service details
Services widget now shows:
- System metrics as regular service rows with status
- Nginx sites as sub-services with ├─/└─ tree formatting
- Regular services with full resource data and descriptions
- Unified status indication across all row types
Agent Changes:
• Add CPU status thresholds (warning: ≥5.0, critical: ≥8.0)
• Add memory status thresholds (warning: ≥80%, critical: ≥95%)
• Add service status calculation (critical if failed>0, warning if degraded>0)
• All collectors now calculate and include status in output
Dashboard Changes:
• Update system widget to use agent-calculated cpu_status and memory_status
• Update services widget to use agent-calculated services_status
• Remove client-side status calculations in favor of agent status
• Add status_level_from_agent_status helper function
Notification System:
• Add SMTP email notification system using lettre crate
• Auto-configure notifications: hostname@cmtec.se → cm@cmtec.se
• Smart change detection with rate limiting (30min cooldown)
• Only notify on transitions to/from warning/critical states
• Rich email formatting with host, component, metric details
